Slashdot Mirror

← Back to Stories (view on slashdot.org)

BitTorrent Clients Can Be Made To Participate In High-Volume DoS Attacks

Posted by samzenpus on from the protect-ya-neck dept.

An anonymous reader writes: A group of researchers have discovered some of the most popular BitTorrent applications, including uTorrent, Mainline, and Vuze are vulnerable to a newly discovered form of distributed denial of service attack that makes it easy for a single person to bring down large sites. The weaknesses allow an attacker to insert the target's IP address instead of their own in the malicious request. To mount a Distributed Reflective DoS (DRDoS) attack, an attacker sends this malformed requests to other BitTorrent users, which then act as reflectors and amplifiers and flood the intended victim with responses.

1 of 47 comments (clear)

  1. Could this lead to false sharing allegations? by ukoda · · Score: 5, Interesting

    Given media companies chasing people for illegal sharing on the basis the very lists that this exploit is manipulating I guess this could lead to false allegations of file sharing? I guess it could be used in countries like New Zealand to have victims force disconnected by their ISP for multiple instances of file sharing when they had in fact never shared anything?